Legal claims defining the scope of protection. Each claim is shown in both the original legal language and a plain English translation.
1. An anonymous transaction authentication system for providing anonymous information to a first party to enable transactions between the first party and entities with secure data stored in the system, comprising: a receiver for receiving a time variant code wirelessly communicated from a device to the first party responsive to an authentication input provided to the device by a user to trigger payment for services, wherein the device authenticates the user based on the authentication input; a database including secure data for each entity and information for mapping the time variant code to each respective entity having secure data in the secure registry system; and a processor configured to receive from the first party the time variant code for the entity and match the time variant code to the entity on whose behalf a transaction is to be performed, configured to map the time variant code to the identity of the entity and secure data associated with the entity including information required to enable the transaction to proceed anonymously, the information including account identifying information where the account identifying information is unknown to the first party, to provide the account identifying information to a third party to enable the transaction without providing the account identifying information to the first party.
2. The system of claim 1, wherein the time variant code includes a secret code of the entity.
A system for secure authentication or data transmission incorporates a time-variant code to enhance security. The system generates a dynamic code that changes over time, reducing the risk of unauthorized access or data interception. This time-variant code includes a secret code specific to the entity using the system, ensuring that the authentication or transmission process is uniquely tied to that entity. The secret code may be a cryptographic key, a unique identifier, or another confidential value known only to the entity and the system. By integrating the secret code into the time-variant code, the system ensures that even if the time-variant component is compromised, the secret code remains protected, preventing unauthorized parties from replicating or intercepting the authentication or transmission process. The system may be used in applications such as secure login systems, financial transactions, or encrypted communications, where dynamic and entity-specific security measures are critical. The time-variant code may be generated using algorithms that incorporate timestamps, random values, or other time-dependent factors, ensuring that the code is unique and time-limited. The secret code of the entity is embedded within this time-variant structure, providing an additional layer of security. This approach mitigates risks associated with static codes or fixed identifiers, which are more susceptible to brute-force attacks or replay attacks. The system may also include mechanisms to verify the authenticity of the time-variant code and the embedded secret code, ensuring that only authorized entities can complete the authentication or transmission process.
3. The system of claim 1, wherein the time variant code is provided from the entity via a secure electronic transmission device.
A system for secure electronic transmission of time-variant codes is disclosed. The system addresses the problem of unauthorized access and tampering during the transmission of dynamically changing authentication codes, which are critical for secure access control and transaction verification. The system includes a secure electronic transmission device that generates or receives time-variant codes from an entity, such as a user or a server, and transmits them to a recipient device. The time-variant code is a dynamically changing value, such as a one-time password (OTP) or a session token, which expires after a short period or a single use. The secure transmission device ensures the integrity and confidentiality of the code during transmission, preventing interception or modification by unauthorized parties. The system may include encryption, authentication protocols, or physical security measures to protect the code during transmission. The recipient device verifies the received code against expected values to authorize access or transactions. This system enhances security in applications like two-factor authentication, financial transactions, and secure communications.
4. The system of claim 1, wherein the time variant code is encrypted and transmitted by the entity, and the system is configured to decrypt the time variant code with a public key associated with the entity.
This invention relates to secure communication systems, specifically for transmitting and verifying time-variant codes in a way that ensures authenticity and integrity. The system addresses the problem of unauthorized interception or tampering with time-sensitive data, such as authentication tokens or transaction codes, by encrypting the time-variant code before transmission. The entity generating the code encrypts it using a private key, and the receiving system decrypts it using a corresponding public key associated with the entity. This public-key cryptography approach ensures that only the intended recipient can verify the code's authenticity and integrity, as the public key is uniquely tied to the entity. The system is designed to handle dynamic, time-sensitive data, where the code's validity depends on its temporal properties, such as expiration times or sequence numbers. By encrypting the time-variant code, the system prevents attackers from generating or altering valid codes, even if they intercept the transmission. The invention is particularly useful in applications like secure authentication, financial transactions, or access control, where both the code's content and its timing are critical for security. The system may also include additional features, such as validating the decrypted code against expected values or time constraints, to further enhance security.
5. The system of claim 1, wherein said first party provides delivery services, wherein the information is an address to which an item is to be delivered for the entity, wherein the system receives the time variant code and the system uses the time variant code to obtain the appropriate address for delivery of the item.
This invention relates to a delivery service system that securely provides time-sensitive address information for item delivery. The system addresses the problem of securely sharing delivery addresses that may change over time, such as temporary addresses, while ensuring only authorized parties can access the correct address at the right time. The system includes a first party providing delivery services and a second party managing address information for an entity. The second party generates a time variant code associated with a specific address for the entity, where the address may change over time. The system receives this time variant code from the first party and uses it to retrieve the correct address for delivery. The time variant code ensures that only authorized deliveries at the appropriate time can access the correct address, preventing unauthorized access or outdated address usage. This mechanism enhances security and accuracy in delivery services where addresses may be temporary or frequently updated.
6. The system of claim 1, wherein the system is configured to enable the first party to perform the services without disclosing the secure data to the first party.
A system enables secure data processing where a first party can perform services on sensitive data without directly accessing or disclosing the data. The system includes a secure data processing environment that isolates the data from the first party, ensuring confidentiality while allowing the first party to execute operations on the data. The secure environment may use encryption, access controls, or other security measures to protect the data. The system also includes a user interface that allows the first party to interact with the data processing functions without exposing the underlying data. This approach ensures that the first party can perform necessary services, such as analysis or processing, without compromising the security of the sensitive information. The system may also include authentication mechanisms to verify the identity of the first party before granting access to the secure environment. The overall solution addresses the challenge of enabling data processing in scenarios where data privacy and security are critical, such as in financial, healthcare, or legal applications.
7. The system of claim 1, wherein the information is credit card information regarding the entity, and wherein the processor is configured to provide the credit card information based upon the time variant code of the entity to enable a transaction.
This invention relates to a secure system for managing and providing credit card information to facilitate transactions. The system addresses the problem of securely transmitting and verifying credit card details during transactions, reducing the risk of fraud or unauthorized access. The system includes a processor that generates and manages time-variant codes associated with an entity, such as a user or device. These codes dynamically change over time, enhancing security by ensuring that credit card information is only accessible when the correct time-variant code is provided. The processor is configured to retrieve and provide the credit card information only when the time-variant code matches the current valid code, enabling a transaction to proceed. This approach prevents unauthorized access to credit card details, as the information is only released when the correct time-variant code is presented, reducing the risk of fraudulent use. The system may also include additional security measures, such as encryption or multi-factor authentication, to further protect the credit card information. The time-variant codes can be generated based on factors like timestamps, user input, or device-specific data, ensuring that the system remains secure even if a code is compromised. This invention is particularly useful in online transactions, mobile payments, or any scenario where secure credit card information transmission is required.
8. The system of claim 7, wherein the system is configured to receive an approval of the credit card transaction without providing a credit card number of the entity to the first party.
A system for processing credit card transactions without exposing the card number to the first party involved in the transaction. The system includes a secure intermediary that facilitates the transaction between a user and a first party, such as a merchant or service provider. The intermediary receives payment authorization from the user and processes the transaction on their behalf, ensuring the user's credit card number is never directly shared with the first party. This enhances security by reducing the risk of unauthorized access to sensitive financial information. The system may also include additional features, such as tokenization, where a unique identifier replaces the actual card number during the transaction process, further protecting the user's data. The intermediary may also handle authentication, fraud detection, and compliance with payment regulations, ensuring a secure and seamless transaction experience. The system is particularly useful in online or digital transactions where minimizing exposure of payment details is critical. By eliminating the need for the first party to handle or store the user's credit card number, the system reduces the attack surface for potential data breaches and fraud. The system may also support multiple payment methods and integrate with existing payment networks to provide flexibility and compatibility.
9. The system of claim 1, wherein the information is bank card information regarding the entity, and wherein the processor is configured to provide the bank card information to enable a transaction based upon the time variant code of the entity.
This invention relates to secure financial transaction systems that use time-variant codes to authorize transactions involving bank card information. The system addresses the problem of unauthorized access to bank card details by dynamically linking transaction authorization to a time-sensitive code, reducing the risk of fraud from stolen or intercepted card data. The system includes a processor that receives and processes bank card information associated with an entity, such as a user or account holder. The processor is configured to generate or validate a time-variant code, which changes over time, to authenticate the entity for a transaction. The system ensures that the bank card information can only be used when the time-variant code is valid, preventing unauthorized use of static card details. The processor may also verify the time-variant code against a trusted source, such as a server or authentication module, to confirm its legitimacy before enabling the transaction. The system may include additional components, such as a communication interface for transmitting the bank card information and time-variant code to a payment processor or financial institution. The processor may also encrypt the bank card information to further enhance security. The time-variant code could be generated using algorithms that incorporate timestamps, ensuring it expires after a set period. This approach mitigates risks associated with static card numbers, such as skimming or phishing attacks, by requiring real-time validation. The system is particularly useful in online or contactless transactions where traditional card-present security measures are unavailable.
10. The system of claim 9, wherein the system is configured to provide an approval of the bank card transaction without providing a bank card number of the entity to the first party.
This invention relates to secure financial transaction systems, specifically addressing the problem of exposing sensitive payment information during transactions. The system enables a bank card transaction to be approved without transmitting the bank card number of the entity (e.g., the cardholder) to the first party (e.g., the merchant or payment processor). Instead of sharing the full card number, the system uses alternative authentication methods or tokenized payment data to authorize the transaction while maintaining security. The system may involve a payment gateway, a financial institution, and a merchant system, where the financial institution verifies the transaction and approves it without exposing the card number to the merchant. This approach reduces the risk of data breaches and fraud by minimizing the exposure of sensitive payment details. The system may also include additional security measures such as encryption, dynamic tokenization, or biometric authentication to further enhance transaction security. The invention is particularly useful in online or digital payment environments where secure and efficient transaction processing is critical.
11. The system of claim 1, wherein the time variant code is generated to be a one-time non-predictable code.
A system generates and manages time-variant codes for secure authentication or access control. The system includes a code generation module that produces time-variant codes, which change over time to enhance security. These codes are designed to be one-time, non-predictable values, meaning each code is unique and cannot be derived from previous or subsequent codes. The system ensures that once a code is used, it cannot be reused or guessed, preventing unauthorized access. The time-variant nature of the codes adds an additional layer of security by limiting the window of opportunity for potential attackers. The system may also include a validation module to verify the authenticity of the generated codes, ensuring only legitimate codes are accepted. This approach is particularly useful in applications requiring high-security authentication, such as financial transactions, access control systems, or secure communications. The use of one-time, non-predictable codes mitigates risks associated with code reuse or interception, providing a robust security solution.
12. A computer implemented method for providing anonymous information to a first party to enable transactions between the first party and entities with secure data, the method comprising: receiving, by a receiver, a time variant code wirelessly from a device for an entity on whose behalf services are to be provided responsive to an authentication input provided to the device by the entity to trigger payment for the services, wherein the device authenticates the entity based on the authentication input; connecting to a database including secure data for each entity and information for mapping the time variant code to each respective entity having secure data in a secure registry system; and matching, by a processor, the time variant code to the entity on whose behalf a transaction is to be performed; mapping, by the processor, the time variant code to the identity of the entity and secure data associated with the entity including information required to enable the transaction to proceed anonymously, the information including account identifying information wherein the account identifying information is unknown to the first party; and providing, by the processor, the account identifying information to a third party to enable the transaction without providing the account identifying information to the first party.
This invention relates to a system for enabling anonymous transactions between a first party and entities with secure data. The problem addressed is the need to facilitate transactions while protecting the privacy of entities by keeping their account information confidential from the first party. The method involves receiving a time-variant code wirelessly from a device associated with an entity. This code is generated in response to an authentication input provided by the entity, which authenticates them for the transaction. The system connects to a secure database containing each entity's secure data and a mapping of time-variant codes to their respective identities. A processor matches the received code to the entity and retrieves their secure data, including account identifying information required for the transaction. This account information is then provided to a third party to complete the transaction, while the first party remains unaware of the entity's account details. The system ensures anonymity by decoupling the entity's identity from their financial information during the transaction process. The secure registry system maintains the integrity and confidentiality of the data, enabling trusted transactions without exposing sensitive information to unauthorized parties.
13. The method of claim 12, further comprising an act of using corresponding information to enable the first party to perform the services, wherein using the corresponding information comprises providing anonymous validation information to the first party to perform the services.
This invention relates to a system for securely enabling a first party to perform services for a second party using anonymous validation information. The method involves receiving a request from the second party to perform services, where the request includes a request identifier and a service identifier. The system then retrieves corresponding information associated with the request identifier and service identifier from a database. This corresponding information is used to enable the first party to perform the services, with the key feature being the provision of anonymous validation information to the first party. The anonymous validation information allows the first party to verify the request without exposing the second party's identity or sensitive details. The system ensures that the services are performed securely while maintaining privacy. The method may also include generating a validation token for the request, which is then used to authenticate the request before retrieving the corresponding information. The overall approach enhances security and privacy in service provision by decoupling the identity of the requester from the validation process.
14. The method of claim 12, wherein the act of receiving the time variant code comprises receiving a secret time variant code which is secret to the entity.
A system and method for secure authentication involves generating and using time-variant codes to verify the identity of an entity, such as a user or device. The method addresses the problem of unauthorized access by ensuring that authentication codes are dynamically generated and time-sensitive, reducing the risk of interception or reuse. The system generates a unique time-variant code that changes periodically, ensuring that even if a code is compromised, it becomes invalid after a short duration. The entity attempting to authenticate must provide this time-variant code, which is then verified against a reference code generated by the system. The code is secret to the entity, meaning it is not publicly known or easily guessable, adding an additional layer of security. The method may also include steps for generating the code based on a shared secret or cryptographic algorithm, ensuring that only authorized entities can produce valid codes. This approach enhances security by combining time-based expiration with secret key mechanisms, making unauthorized access significantly more difficult. The system may be used in various applications, including two-factor authentication, secure transactions, or access control systems.
15. The method of claim 12, wherein the act of receiving the time variant code comprises receiving the secret code which has been transmitted by a secure electronic transmission device.
A system and method for secure code transmission involves receiving a time-variant secret code from a secure electronic transmission device. The secure electronic transmission device generates and transmits the secret code, which changes over time to enhance security. The system receives this code and uses it for authentication or authorization purposes. The time-variant nature of the code ensures that even if intercepted, the code becomes invalid after a short period, reducing the risk of unauthorized access. The secure electronic transmission device may include hardware or software components designed to generate and transmit the code in a protected manner, such as through encrypted channels or dedicated secure communication protocols. The system validates the received code against expected values or patterns to confirm its authenticity and integrity. This approach is particularly useful in applications requiring high-security authentication, such as financial transactions, access control, or sensitive data transmission. The method ensures that the code is dynamically generated and transmitted securely, minimizing the risk of interception or replay attacks.
16. The method of claim 12, wherein the act of receiving the time variant code comprises receiving an encrypted time variant code and the method further comprises decrypting the encrypted time variant code.
A system and method for secure authentication involves generating and processing a time variant code to verify the identity of a user or device. The method addresses security vulnerabilities in traditional authentication systems by using a code that changes over time, reducing the risk of unauthorized access. The time variant code is generated based on a secret key and a time-based parameter, ensuring that it is unique and time-sensitive. The system receives this code, which may be encrypted for additional security, and decrypts it if necessary. The decrypted code is then validated against a reference value derived from the same secret key and time parameter. If the received code matches the reference, authentication is successful. This approach enhances security by making it difficult for attackers to reuse intercepted codes, as they become invalid after a short period. The method can be applied in various secure communication and access control scenarios, such as online banking, mobile device authentication, and secure network logins. The use of encryption further protects the code during transmission, preventing interception and tampering.
17. The method of claim 13, wherein the acts of mapping the time variant code and using the information to perform the services comprises not providing the information to a provider of services.
This invention relates to a method for managing time-variant codes in a system where services are provided based on such codes. The problem addressed is ensuring secure and controlled access to information derived from these codes, particularly when the information is sensitive or restricted. The method involves mapping a time-variant code to specific information, which is then used to perform services. A key aspect is that the information is not provided to the service provider, ensuring that the provider does not have direct access to the underlying data. Instead, the system processes the time-variant code and uses the associated information internally to fulfill the requested services without exposing the information to external parties. This approach enhances privacy and security by preventing unauthorized access or misuse of the information by the service provider. The time-variant code may be generated or updated dynamically, ensuring that the information remains relevant and secure over time. The method may also involve validating the code before processing it to confirm its authenticity and integrity. By restricting access to the information, the system ensures that only authorized entities can use it, reducing the risk of data breaches or unauthorized service provision. This method is particularly useful in applications where confidentiality and controlled access are critical, such as financial transactions, healthcare data processing, or secure authentication systems.
18. The method of claim 13, wherein the act of using the corresponding information to perform the services comprises using credit card information about the entity to enable a credit card transaction.
This invention relates to systems and methods for processing financial transactions, specifically enabling credit card transactions using stored entity information. The method involves accessing stored data associated with an entity, such as a user or organization, and utilizing that data to facilitate a financial service. In particular, the method includes retrieving credit card details linked to the entity and applying those details to authorize and complete a credit card transaction. The system may involve a database storing entity profiles, including payment information, and a processing module that retrieves and applies this data to execute transactions. The invention addresses the need for secure, efficient transaction processing by leveraging pre-stored financial credentials, reducing manual input and improving transaction speed and accuracy. The method may also include validation steps to ensure the integrity of the credit card information before processing the transaction. This approach is particularly useful in e-commerce, subscription services, or any scenario requiring automated payment processing. The system may further integrate with third-party payment gateways or financial institutions to complete the transaction. The invention aims to streamline financial operations while maintaining security and compliance with payment regulations.
19. The method of claim 18, wherein the act of using the corresponding information comprises receiving a validation or denial of the credit card transaction without providing a credit card number of the entity to the first party.
This invention relates to secure financial transaction processing, specifically a method for validating credit card transactions without exposing sensitive card details to the first party involved in the transaction. The problem addressed is the risk of data breaches and fraud when credit card numbers are transmitted or stored by multiple parties during transaction processing. The method involves a system where a transaction request is initiated by a first party, such as a merchant, and routed through an intermediary entity that acts as a gateway. The intermediary receives the transaction request and uses stored information to validate the transaction without directly sharing the credit card number with the first party. This stored information may include tokenized or encrypted data that represents the card details but does not expose the actual card number. The intermediary then communicates with a financial institution or payment processor to confirm the transaction, receiving either a validation or denial response. This response is relayed back to the first party, completing the transaction without the first party ever handling the raw credit card number. The system enhances security by minimizing exposure of sensitive financial data while maintaining the integrity of the transaction process. This approach is particularly useful in online or digital payment environments where data security is critical.
20. The method of claim 12, wherein the act of using the corresponding information to perform the services comprises: using bank card information about the entity to enable a transaction through a third party; and receiving validation information from the third party.
This invention relates to a system for securely processing financial transactions using bank card information. The problem addressed is the need for a reliable and secure method to authenticate and validate transactions involving financial entities, such as banks or payment processors, through third-party systems. The method involves using bank card information associated with an entity to facilitate a transaction. The bank card information is processed to enable the transaction through a third-party service, which may include payment gateways, financial networks, or other intermediaries. After the transaction is initiated, validation information is received from the third party, confirming the success or failure of the transaction. This validation step ensures that the transaction is properly authorized and recorded, reducing the risk of fraud or errors. The system may also include additional steps, such as retrieving the bank card information from a secure database, encrypting the data during transmission, and logging transaction details for auditing purposes. The method ensures that sensitive financial data is handled securely while maintaining compliance with financial regulations. The use of third-party validation provides an additional layer of verification, enhancing trust in the transaction process. This approach is particularly useful in online payment systems, digital wallets, and other financial services where secure and efficient transaction processing is critical.
21. The method of claim 20, wherein the act of using the corresponding information comprises receiving a validation or denial of the bank card transaction without providing a bank card number of the entity to the first party.
This invention relates to secure financial transaction processing, specifically a method for validating or denying a bank card transaction without exposing the card number to the first party involved in the transaction. The system addresses privacy and security concerns in digital transactions by enabling authentication and authorization without direct exposure of sensitive payment details. The method involves using pre-established information associated with the entity initiating the transaction to verify the transaction's legitimacy. This information may include tokenized data, cryptographic identifiers, or other non-sensitive attributes that can be cross-referenced with financial records. The validation or denial of the transaction is then communicated back to the first party without ever transmitting the actual bank card number, reducing the risk of data breaches or unauthorized access. The approach enhances security by minimizing the exposure of sensitive financial data while maintaining the integrity of the transaction process. This method is particularly useful in online payments, peer-to-peer transactions, or any scenario where secure authentication is required without direct card number sharing. The system ensures compliance with privacy regulations and reduces the attack surface for fraudulent activities.
22. The method of claim 12, wherein the time variant code is generated to be a one-time non-predictable code.
This invention relates to a system and method for generating and using time-variant codes to enhance security in authentication or transaction processes. The technology addresses the problem of predictable or reusable codes, which are vulnerable to interception and replay attacks. The method involves generating a time-variant code that is both one-time and non-predictable, ensuring that each code is unique and cannot be reused or anticipated by an attacker. The code is dynamically generated based on time-sensitive parameters, such as a timestamp or a counter, and may incorporate additional security measures like cryptographic hashing or random number generation. The system ensures that the code expires after a single use or within a predefined time window, preventing unauthorized access. This approach is particularly useful in secure authentication systems, financial transactions, or access control mechanisms where preventing code reuse is critical. The method may also include verifying the code against a stored or dynamically computed reference to confirm its validity and freshness. The time-variant nature of the code mitigates risks associated with static or predictable authentication tokens, improving overall system security.
23. The system of claim 1, wherein the processor is further configured to execute a restriction mechanism to determine compliance with any access restrictions for the first party to secure data of the entity for completing the transaction based at least in part on an indication of the entity communicated with a transaction request, and to allow or not allow access to the secure data associated with the entity including the account identifying information required to enable the transaction based on the determined compliance with any access restrictions for the first party.
This invention relates to a secure data access system for financial transactions, addressing the problem of unauthorized or restricted access to sensitive entity data during transaction processing. The system includes a processor that enforces access restrictions to ensure only authorized parties can retrieve secure data required to complete transactions. When a transaction request is received, the processor evaluates compliance with predefined access restrictions for the requesting party based on an indication of the entity involved. If the restrictions are satisfied, the system grants access to the secure data, which includes account identifying information necessary to enable the transaction. If restrictions are not met, access is denied. The system ensures that sensitive financial data is protected from unauthorized retrieval while facilitating legitimate transactions. The restriction mechanism dynamically assesses access rights in real-time, enhancing security and compliance in transaction processing. This approach prevents unauthorized parties from accessing critical account details, mitigating fraud and data breaches. The invention is particularly useful in financial services, payment processing, and secure data management systems where strict access controls are required.
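The flow that claims 21 to 23 describe can be sketched as follows; this is an added illustration, not code from the patent or from any implementation of it. The HMAC-over-time-step construction, the 30-second window, the record layout and every name below are assumptions, and the entity record is constructed sample data.

```python
import hashlib
import hmac

STEP = 30  # seconds a code stays valid (assumed value)

def device_code(secret: bytes, now: float) -> str:
    """Device side: HMAC-SHA256 over the current time step, truncated."""
    step = int(now // STEP)
    mac = hmac.new(secret, step.to_bytes(8, "big"), hashlib.sha256)
    return mac.hexdigest()[:16]

class Registry:
    def __init__(self, entities):
        self.entities = entities        # entity_id -> secret, account, allowed
        self.used = set()               # (entity_id, step) pairs already redeemed
        self.sent_to_third_party = []   # stand-in for the link to the card issuer

    def _match(self, code: str, now: float):
        """Map a code to (entity_id, step); accept current or previous step."""
        current = int(now // STEP)
        for entity_id, rec in self.entities.items():
            for step in (current, current - 1):
                expected = device_code(rec["secret"], step * STEP)
                if hmac.compare_digest(expected.encode(), code.encode()):
                    return entity_id, step
        return None

    def authorize(self, first_party: str, code: str, amount: float, now: float) -> str:
        """The first party gets back only a validation or denial."""
        hit = self._match(code, now)
        if hit is None or hit in self.used:          # unknown, expired or replayed
            return "denied"
        rec = self.entities[hit[0]]
        if first_party not in rec["allowed"]:        # restriction mechanism
            return "denied"
        self.used.add(hit)                           # burn the code: one-time use
        self.sent_to_third_party.append((rec["account"], amount))
        return "approved"

# Constructed sample record; the account value is a placeholder.
ENTITIES = {"alice": {"secret": b"constructed-device-secret",
                      "account": "ACCT-PLACEHOLDER-0001",
                      "allowed": {"coffee-shop"}}}

if __name__ == "__main__":
    reg, t = Registry(ENTITIES), 1_700_000_000.0
    code = device_code(ENTITIES["alice"]["secret"], t)
    print(reg.authorize("coffee-shop", code, 4.50, t + 20))   # approved
    print(reg.authorize("coffee-shop", code, 4.50, t + 21))   # denied (replay)
```

The account value only ever reaches `sent_to_third_party`; the first party's return value carries no account data, and a code is burned only once it has been redeemed successfully.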
January 5, 2021